{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-8642", "assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c", "state": "PUBLISHED", "assignerShortName": "eclipse", "dateReserved": "2024-09-10T06:20:33.205Z", "datePublished": "2024-09-11T13:34:28.463Z", "dateUpdated": "2024-09-11T14:06:55.373Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://repo.maven.apache.org/maven2/", "defaultStatus": "unaffected", "modules": ["transfer-data-plane"], "packageName": "org.eclipse.edc:transfer-data-plane", "product": "Eclipse EDC Connector", "repo": "https://github.com/eclipse-edc/Connector", "vendor": "Eclipse Foundation", "versions": [{"lessThan": "0.9.0", "status": "affected", "version": "0.5.0", "versionType": "semver"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "In Eclipse Dataspace Components, from version 0.5.0 and before version 0.9.0, the ConsumerPullTransferTokenValidationApiController does not check for token validity (expiry, not-before, issuance date), which can allow an attacker to bypass the check for token expiration. The issue requires to have a dataplane configured to support http proxy consumer pull AND include the module \"transfer-data-plane\". The affected code was marked deprecated from the version 0.6.0 in favour of Dataplane Signaling. In 0.9.0 the vulnerable code has been removed."}], "value": "In Eclipse Dataspace Components, from version 0.5.0 and before version 0.9.0, the ConsumerPullTransferTokenValidationApiController does not check for token validity (expiry, not-before, issuance date), which can allow an attacker to bypass the check for token expiration. The issue requires to have a dataplane configured to support http proxy consumer pull AND include the module \"transfer-data-plane\". The affected code was marked deprecated from the version 0.6.0 in favour of Dataplane Signaling. In 0.9.0 the vulnerable code has been removed."}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "attackVector": "NETWORK", "baseScore": 5, "baseSeverity": "MEDIUM", "privilegesRequired": "HIGH", "providerUrgency": "GREEN", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "HIGH", "subIntegrityImpact": "HIGH", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N/RE:L/U:Green", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "LOW"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-303", "description": "CWE-303", "lang": "en", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-305", "description": "CWE-305", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c", "shortName": "eclipse", "dateUpdated": "2024-09-11T13:34:28.463Z"}, "references": [{"url": "https://gitlab.eclipse.org/security/vulnerability-reports/-/issues/234"}, {"url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/28"}, {"url": "https://github.com/eclipse-edc/Connector/commit/04899e91dcdb4a407db4eb7af3e7b6ff9a9e9ad6"}, {"url": "https://github.com/eclipse-edc/Connector/releases/tag/v0.9.0"}], "source": {"discovery": "UNKNOWN"}, "title": "Eclipse EDC: Consumer pull transfer token validation checks not applied", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"affected": [{"vendor": "eclipse_foundation", "product": "edc", "cpes": ["cpe:2.3:a:eclipse_foundation:edc:0.5.0:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0.5.0", "status": "affected", "lessThan": "0.9.0", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-09-11T14:03:51.264915Z", "id": "CVE-2024-8642", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T14:06:55.373Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-8642", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-11T14:03:51.264915Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:eclipse_foundation:edc:0.5.0:*:*:*:*:*:*:*"], "vendor": "eclipse_foundation", "product": "edc", "versions": [{"status": "affected", "version": "0.5.0", "lessThan": "0.9.0", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T14:06:44.769Z"}}], "cna": {"title": "Eclipse EDC: Consumer pull transfer token validation checks not applied", "source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 5, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N/RE:L/U:Green", "providerUrgency": "GREEN", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "HIGH", "subIntegrityImpact": "HIGH", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnerabilityResponseEffort": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"repo": "https://github.com/eclipse-edc/Connector", "vendor": "Eclipse Foundation", "modules": ["transfer-data-plane"], "product": "Eclipse EDC Connector", "versions": [{"status": "affected", "version": "0.5.0", "lessThan": "0.9.0", "versionType": "semver"}], "packageName": "org.eclipse.edc:transfer-data-plane", "collectionURL": "https://repo.maven.apache.org/maven2/", "defaultStatus": "unaffected"}], "references": [{"url": "https://gitlab.eclipse.org/security/vulnerability-reports/-/issues/234"}, {"url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/28"}, {"url": "https://github.com/eclipse-edc/Connector/commit/04899e91dcdb4a407db4eb7af3e7b6ff9a9e9ad6"}, {"url": "https://github.com/eclipse-edc/Connector/releases/tag/v0.9.0"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "In Eclipse Dataspace Components, from version 0.5.0 and before version 0.9.0, the ConsumerPullTransferTokenValidationApiController does not check for token validity (expiry, not-before, issuance date), which can allow an attacker to bypass the check for token expiration. The issue requires to have a dataplane configured to support http proxy consumer pull AND include the module \"transfer-data-plane\". The affected code was marked deprecated from the version 0.6.0 in favour of Dataplane Signaling. In 0.9.0 the vulnerable code has been removed.", "supportingMedia": [{"type": "text/html", "value": "In Eclipse Dataspace Components, from version 0.5.0 and before version 0.9.0, the ConsumerPullTransferTokenValidationApiController does not check for token validity (expiry, not-before, issuance date), which can allow an attacker to bypass the check for token expiration. The issue requires to have a dataplane configured to support http proxy consumer pull AND include the module \"transfer-data-plane\". The affected code was marked deprecated from the version 0.6.0 in favour of Dataplane Signaling. In 0.9.0 the vulnerable code has been removed.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-303", "description": "CWE-303"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-305", "description": "CWE-305"}]}], "providerMetadata": {"orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c", "shortName": "eclipse", "dateUpdated": "2024-09-11T13:34:28.463Z"}}}, "cveMetadata": {"cveId": "CVE-2024-8642", "state": "PUBLISHED", "dateUpdated": "2024-09-11T14:06:55.373Z", "dateReserved": "2024-09-10T06:20:33.205Z", "assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c", "datePublished": "2024-09-11T13:34:28.463Z", "assignerShortName": "eclipse"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:eclipse:eclipse_dataspace_components:*:*:*:*:*:*:*:*", "matchCriteriaId": "2888B4A6-45F7-4AA7-A1B5-13AA28E245D0", "versionEndExcluding": "0.9.0", "versionStartIncluding": "0.5.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In Eclipse Dataspace Components, from version 0.5.0 and before version 0.9.0, the ConsumerPullTransferTokenValidationApiController does not check for token validity (expiry, not-before, issuance date), which can allow an attacker to bypass the check for token expiration. The issue requires to have a dataplane configured to support http proxy consumer pull AND include the module \"transfer-data-plane\". The affected code was marked deprecated from the version 0.6.0 in favour of Dataplane Signaling. In 0.9.0 the vulnerable code has been removed."}, {"lang": "es", "value": "En Eclipse Dataspace Components, desde la versi\u00f3n 0.5.0 y antes de la versi\u00f3n 0.9.0, el ConsumerPullTransferTokenValidationApiController no comprueba la validez del token (vencimiento, fecha anterior, fecha de emisi\u00f3n), lo que puede permitir que un atacante omita la comprobaci\u00f3n de vencimiento del token. El problema requiere tener un plano de datos configurado para admitir la extracci\u00f3n del consumidor del proxy http E incluir el m\u00f3dulo \"transfer-data-plane\". El c\u00f3digo afectado se marc\u00f3 como obsoleto desde la versi\u00f3n 0.6.0 a favor de la se\u00f1alizaci\u00f3n del plano de datos. En la versi\u00f3n 0.9.0, se elimin\u00f3 el c\u00f3digo vulnerable."}], "id": "CVE-2024-8642", "lastModified": "2024-09-19T15:18:47.917", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"attackComplexity": "LOW", "attackRequirements": "PRESENT", "attackVector": "NETWORK", "automatable": "NOT_DEFINED", "availabilityRequirements": "NOT_DEFINED", "baseScore": 5.0, "baseSeverity": "MEDIUM", "confidentialityRequirements": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubsequentSystemAvailability": "NOT_DEFINED", "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnerableSystemAvailability": "NOT_DEFINED", "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", "privilegesRequired": "HIGH", "providerUrgency": "GREEN", "recovery": "NOT_DEFINED", "safety": "NOT_DEFINED", "subsequentSystemAvailability": "NONE", "subsequentSystemConfidentiality": "HIGH", "subsequentSystemIntegrity": "HIGH", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:L/U:Green", "version": "4.0", "vulnerabilityResponseEffort": "LOW", "vulnerableSystemAvailability": "NONE", "vulnerableSystemConfidentiality": "NONE", "vulnerableSystemIntegrity": "NONE"}, "source": "emo@eclipse.org", "type": "Secondary"}]}, "published": "2024-09-11T14:15:14.177", "references": [{"source": "emo@eclipse.org", "tags": ["Patch"], "url": "https://github.com/eclipse-edc/Connector/commit/04899e91dcdb4a407db4eb7af3e7b6ff9a9e9ad6"}, {"source": "emo@eclipse.org", "tags": ["Release Notes"], "url": "https://github.com/eclipse-edc/Connector/releases/tag/v0.9.0"}, {"source": "emo@eclipse.org", "tags": ["Issue Tracking"], "url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/28"}, {"source": "emo@eclipse.org", "tags": ["Vendor Advisory"], "url": "https://gitlab.eclipse.org/security/vulnerability-reports/-/issues/234"}], "sourceIdentifier": "emo@eclipse.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-303"}, {"lang": "en", "value": "CWE-305"}], "source": "emo@eclipse.org", "type": "Secondary"}]}

{}